1b5b1b83655a160ca5b939ab9a36031a42c321bcbc36161908ff2e5071a59a01 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

663772c3a03a586a65c19e83b36cb200N.exe
Size

50KB
Sample

240819-mlhf9ayglg
MD5

663772c3a03a586a65c19e83b36cb200
SHA1

d5c8b816ca5fa286244fec01df1ae3a33bacfc7f
SHA256

1b5b1b83655a160ca5b939ab9a36031a42c321bcbc36161908ff2e5071a59a01
SHA512

7f706c5e8310c519b5507491df3cb8026c5de8c1cab4d9562bc09b87992bb6f3132f80001d5a85f4ec16e28b6f970d5114b8d980d89b4c3e378f8f4aa6e554f4
SSDEEP

768:W7BlphA7pARFbhL801VvM801Vvv7GqSAjzjL:W7ZhA7pApw03vR03v1SA3v

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  663772c3a03a586a65c19e83b36cb200N.exe
- Size
  
  50KB
- MD5
  
  663772c3a03a586a65c19e83b36cb200
- SHA1
  
  d5c8b816ca5fa286244fec01df1ae3a33bacfc7f
- SHA256
  
  1b5b1b83655a160ca5b939ab9a36031a42c321bcbc36161908ff2e5071a59a01
- SHA512
  
  7f706c5e8310c519b5507491df3cb8026c5de8c1cab4d9562bc09b87992bb6f3132f80001d5a85f4ec16e28b6f970d5114b8d980d89b4c3e378f8f4aa6e554f4
- SSDEEP
  
  768:W7BlphA7pARFbhL801VvM801Vvv7GqSAjzjL:W7ZhA7pApw03vR03v1SA3v
Score

9^/10

discovery ransomware
- Renames multiple (3751) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware